Information Systems Security Manager (ISSM) - Marine Corps ...

NAVSO P-5239-04SEPTEMBER 19953.7 AuditingSecurity-related weaknesses of the IS must be identified and eliminated. Monitoringthe security activities of the IS and conducting an audit of security-related activity on the IShelps identify the weaknesses. This section describes the ISSM’s roles in monitoring securityactivities on the IS.ResponsibilityThe ISSM is responsible for ensuring that IS transactions areeffectively audited and that audit trails are regularly reviewedby the ISSO or NSO responsible for the IS or network underthe cognizance of the ISSM.ImplementationAudit ProceduresAuditing allows the ISSM to monitor security-related activitieson the IS and to evaluate risks and vulnerabilities. The ISSMensures that:· Appropriate security events to be audited are selected· A reasonable and appropriate audit schedule ismaintained· Audit activities do not adversely affect IS functions· Audit activities comply with other site-specific securityprocedures and requirements· All occurrences of warning messages are investigated· Audit trail data is protected.Audit TrailThe audit trail is the product of audit activities. It provide s arecord of all security-related activities (e.g., access of classifiedinformation, logons, and logoffs). The ISSM reviews audittrailson a periodic basis. These reviews focus on:· Identifying streamlined methods for collecting auditinformation· Ensuring that audit trail reviews by the ISSOs are used todevelop accurate IS use patterns and user access reports .32